Skip to main content

Bandwidth Problems

Comments

9 comments

  • cPanelMichael
    Hello, I recommend blocking that IP address if it's using up that much bandwidth. You can block the IP address manually via the account's .htaccess file or using IP Blocker within cPanel: IP Blocker - Documentation - cPanel Documentation Thank you.
    0
  • sweettea
    I have done that but what's stopping them from doing it again and again? It there some way to monitor IP addresses that appear to be malicious?
    Hello, I recommend blocking that IP address if it's using up that much bandwidth. You can block the IP address manually via the account's .htaccess file or using IP Blocker within cPanel:
    0
  • cPanelMichael
    I have done that but what's stopping them from doing it again and again? It there some way to monitor IP addresses that appear to be malicious?

    The issue is better addressed with custom firewall rules or Mod_Security rules that block the user-agent. You may need to consider switching hosting providers if your current provider is unwilling to address the concern. Thank you.
    0
  • sweettea
    The issue is better addressed with custom firewall rules or Mod_Security rules that block the user-agent. You may need to consider switching hosting providers if your current provider is unwilling to address the concern. Thank you.

    Can you expand on how to block user agents? After blocking this IP Address it came back today....same IP Address I denied. Obviously cPanel IP Denier is not working.
    0
  • cPanelMichael
    Hello, You can find an example of the .htaccess rules to block a specific user-agent at: Block by useragent or empty referer Let us know if this helps. Thank you.
    0
  • sweettea
    Hello, You can find an example of the .htaccess rules to block a specific user-agent at: Block by useragent or empty referer Let us know if this helps. Thank you.

    Thank you for your reply. Just to let you know I have zero experience with manipulating the htaccess file. I would hate to mess something up. Is it as simple as copy and paste? For me what would I put as the user agent for this bot? Thank you.
    0
  • cPanelMichael
    Thank you for your reply. Just to let you know I have zero experience with manipulating the htaccess file. I would hate to mess something up. Is it as simple as copy and paste? For me what would I put as the user agent for this bot? Thank you.

    Could you post the contents of your .htaccess file as it exists now, ensuring to replace any real domain names or IP addresses with examples? Thank you.
    0
  • sweettea
    Could you post the contents of your .htaccess file as it exists now, ensuring to replace any real domain names or IP addresses with examples? Thank you.

    1. I cannot see htaccess file in "File Manager". I can only access it through the "Legacy File Manager". Is that a problem? 2. There are two htaccess files. One is just .htaccess the other is .htaccesss-1404323084. Which do I edit? We have a mobile version of the website. 3. What type of encoding do I use to edit? In the regular .htaccess file it reads: 1 # Use PHP52 as default 2 AddHandler application/x-httpd-php52 .php 3 4 suPHP_ConfigPath /opt/php52/lib 5 6 In the ..htaccesss-1404323084 file it reads: 1 # Use PHP54 as default 2 AddHandler application/x-httpd-php54 .php 3 4 suPHP_ConfigPath /opt/php54/lib 5 6 The user agent on the bot is "sqlmap/1.0-dev-nongit-20151007 (sqlmap: automatic SQL injection and database takeover tool)"
    0
  • cPanelMichael
    . I cannot see htaccess file in "File Manager". I can only access it through the "Legacy File Manager". Is that a problem?

    In File Manager, you can utilize the "Settings" option in the upper-right hand section of the interface and enable the following option: Show Hidden Files (dotfiles)
    . There are two htaccess files. One is just .htaccess the other is .htaccesss-1404323084. Which do I edit? We have a mobile version of the website.

    Use .htaccess. The other looks like a backup of an older version.
    . What type of encoding do I use to edit? In the regular .htaccess file it reads: 1 # Use PHP52 as default 2 AddHandler application/x-httpd-php52 .php 3 4 suPHP_ConfigPath /opt/php52/lib 5 6

    Add lines such as this after the last line and then save the changes:
    RewriteEngine on RewriteCond %{HTTP_USER_AGENT} sqlmap [NC] RewriteRule ^ - [F,L]
    Thank you.
    0

Please sign in to leave a comment.